Exploits Explained: ZIP embedding attack on Google Chrome extensions
Malcolm Stagg recounts the discovery of CVE-2024-0333, a vulnerability in Google Chrome that could have been exploited to install malicious extensions.
Changelog: TikTok is the new Kaspersky
Welcome to Changelog for 3/21/2024, published by Synack! README senior editor Nathaniel Mott here with a reluctant defense of TikTok following the passage of a bill looking to ban it.
How I became a hacker before I finished high school
Learn how Ally Petitt earned her OSCP and joined the Synack Red Team before graduating high school.
Changelog: Change Healthcare finally bounces back weeks after cyberattack
Welcome to Changelog for 3/14/2024, published by Synack! README senior editor Nathaniel Mott here from sunny upstate New York with the week’s top security news.
Rapid7 vs JetBrains: A vulnerability disclosure process gone bad
A recent conflict between Rapid7 and JetBrains over how to disclose vulnerabilities was marred by blame, confusion and conflicting philosophies.
Changelog: The never-ending coordinated disclosure debate
Welcome to Changelog for 3/7/2024, published by Synack! README senior editor Nathaniel Mott here with the week’s top security news.
Changelog: Bad code is a national security concern
Welcome to Changelog for 2/29/2024, published by Synack! README senior editor Nathaniel Mott here on this glorious Leap Day with the week’s top security news.
Changelog: Law enforcement disrupts (and trolls) LockBit
Welcome to Changelog for 2/22/2024, published by Synack! README senior editor Nathaniel Mott here with the week’s juiciest security news.
Changelog: Volt Typhoon threat is the real deal
Welcome to Changelog for 2/15/2024, published by Synack! README senior editor Nathaniel Mott here from the once-again-frozen backwoods of upstate New York with your week in cyber.
Page